Pentester & Security Engineer
G+D Netcetera
About the role
Secure Payments
Learning at G+D Netcetera
Benefits
- Flexibility: Adjust your time to work efficiently, be it working hours, part‑time options, home office, or unpaid leave
- Extra vacation days: Need to take some extra time off? With us, you have the possibility to activate 5 additional paid days per year on top of your vacation plan
- Private health & Family Insurance: The company policy covers a private health insurance plan for you and your family
- Yearly Education Fund: We strongly believe in continuous development and would love to see you enrich your knowledge. Every Netceterian has a dedicated yearly fund to invest in their professional and personal development through conferences, courses, lectures or long‑term education
- Meals & Snacks: Enjoy a lunch allowance each working day, free fruit and drinks in the office
Company Overview
- G+D Netcetera operates in a fast‑paced B2B environment and is specialized in secure financial sector applications. The company is growing and active in the Research & Development of new Products and Services for customers.
- G+D Netcetera is a leading Swiss software company with forward‑looking digital solutions for Digital Banking, Payment, Mobility, Healthcare and Publishing. It enables companies to seize growth opportunities and creates new possibilities in the digital world. With expertise and over 25 years of success, the company develops future‑proof and scalable software that delivers real value for its customers and consumers.
- G+D Netcetera is an expert for seamless and secure user journeys in highly secure and privacy‑driven environments.
Role Overview
We’re looking for a versatile Pentester & Security Engineer who can shift seamlessly between deep technical testing and hands‑on enablement of engineering teams. You’ll perform penetration tests, drive threat modeling and security requirements engineering, and take ownership of developing, maintaining, and operating cloud‑security tools, guardrails, and configurations. You will help teams remediate vulnerabilities at speed. This role is perfect for a pragmatic engineer who can read and write code, understands how products are built and shipped, and loves to partner with developers to make secure delivery the default.
Responsibilities
- Perform targeted penetration tests and security assessments across:
- Support development teams in secure software engineering
- Secure code reviews
- Security tooling usage (CI/CD, SAST, DAST, etc.)
- Vulnerability Management
- Support teams in their vulnerability management lifecycle (discovery → triage → remediation → validation)
- Champion secure coding practices and provide targeted remediation guidance with code snippets
- Build or enhance security telemetry using AWS‑native tooling (CloudTrail, GuardDuty, WAF, Security Hub, CloudWatch)
- Implement and maintain policy‑as‑code tools & solutions (Kyverno, OPA)
- Implement and maintain a variety of security tools, such as NeuVector, Trivy, Dependency-Track, and DefectDojo
Your Profile
- Bachelor’s degree in computer science, information security, engineering, or a related field
- A minimum of years of solid, hands‑on experience in Software engineering, IT security engineering, systems engineering, or cloud security within a corporate or high‑tech environment
- Penetration testing or application security experience
- Proven ability to read, write, and understand production code
- Container & Kubernetes security experience (RBAC, admission controls, etc.)
- Understanding of cloud‑native attack vectors (privilege escalation, SSRF, misconfigured IAM policies)
- Familiarity with traditional, modern, and software‑defined networking concepts and technologies
- Fluent English speaker and writer
- Experience in fintech, payments, banking, or regulated industries
- Knowledge of relevant standards (PCI DSS, SOC 2, ISO 27001, EBA/FINMA guidelines)
- Familiarity with compliance expectations in regulated environments
- Strong knowledge of AWS, including IAM, KMS, network segmentation, workload identity, and monitoring
- Professional experience with certifications such as OSCP, OSWE, AWS Security Specialty
Additional German Benefits
- Flexibility: We offer flexible working hours, part‑time options, home office, or the possibility of unpaid leave
- Additional vacation week: Your rest matters to us. With us, you have the possibility to activate an additional paid vacation week per year on top of your regular vacation days
- Yearly education budget: We strongly believe in continuous development and are glad when you expand your knowledge. Every Netceterian has a yearly budget to invest in their professional and personal development through conferences, courses, lectures or long‑term further education
- Lunch & snacks: We contribute to the cost of lunch, and snacks and drinks are available to you free of charge in the office
- Family‑friendly benefits: We warmly welcome your children and support you with extended maternity or paternity leave
- Private health insurance: The company policy includes private health insurance for you and your family